CVE-2014-4999
CVE-2014-4999 affects the Kajam Ruby gem (1.0.3.rc2). The issue arises in vendor/plugins/dataset/lib/dataset/database/mysql.rb where the mysql user password is exposed on the command lines used by mysqldump (capture) and mysql (restore), enabling a local attacker to view the password by listing p...